Last announcement

OpenOTP includes a new OTP Type (PROXY) to enable automatic forwarding of login requests to a third-party RADIUS server.
This functionality allows an organization which already uses an authentication server to smoothly switch to OpenOTP. In that case, you can set OpenOTP default OTP Type to the PROXY mode and gradually enroll OpenOTP Tokens for your users.

Recent releases

Release Notes: This release supports hardware cryptography with YubiHSM from Yubico. HSMs are used for token seed generation, SMS/mail passwords and OCRA challenges, and token secret storage (AES-256-CBC mode). Server-side concatenated passwords are now supported for simpler integrations in non-challenged mode. The update also includes a lot of other features and some fixes.

Release Notes: SMSOTP and MailOTP support for sending OTPs to several numbers/addresses per-user. MailOTP subject can be customized. The user blocking management was enhanced. Blocking alerts were added. An HOTP resync problem was fixed. A PSKC export problem was fixed. New requests are optionally allowed when a session is already started after a delay of 5 seconds (the existing session is dropped the and user does not have to wait for the challenge timeout). A 'Service Name' setting was added for customizing the Google Authenticator display name. A Manager function was added for checking user blocking status.